Huntgroups and Rejects
Ing. Andrés Gallo
agallo at cotel.com.ar
Thu Sep 27 16:14:10 CEST 2018
Hello
We are trying to make two groups of users, General and FixedIP ( IPFIJA ).
To achieve that, we want to set a group of NASes to the General Group,
serving any customer.
And only one NAS, to get ONLY the 'IP-FIJA' customers. Rejecting others.
This way, if customer G1 in General group hits the NAS in NAS-Fixed_IP
(IPFIJA), it's rejected.
And customer F1, in FixedIP group, hits NAS-General, also rejected.
Code in 'default' is:
update request {
Huntgroup-Name := "%{sql:SELECT groupname FROM radhuntgroup WHERE
nasipaddress='%{NAS-IP-Address}'}"
}
#
if (Huntgroup-Name == "IPFIJA" && SQL-Group != "IP-FIJA") {
reject
}
Works great this way.
The question is if there's any way to 'silent' the rejects for the
particular case of 'Wrong NAS/Wrong group'.
Mean, once customer G1 request auth to NAS-Fixed_IP, instead of 'log'
the reject, silently discard it.
Because besides the RadPostAuth table whose inserts can be handled by
some 'if ..then' like above, the server status ( polled by SNMP
statistics ) grows a lot in such cases.
Regards
Andres
More information about the Freeradius-Users
mailing list